Mix:ed feelings

Sure, Microsoft still uses Passport, but why wouldn’t it? It also hopes we’ve all forgotten the time Passport broke so badly that lots of user accounts were lost. So is this a reincarnation of the Passport concept? Microsoft, not surprisingly, doesn’t want developers to think of it as Passport version two, but rather as Live ID version one. Putting such marketing spin aside for a minute, let’s look at how it should work and what advantages implementing it in a web application could offer to the developer.

Mix:ed feelings

Its real benefit is seen if your website uses any of the other Live API functions – for example, you want your users to be able to access their MSN buddy lists from your website. If you don’t use Live ID your site would have to ask the user to enter their MSN login details and pass them through to the Live API – however, if your site allows users to log in directly to the Live ID site via an iFrame, then a token will be passed back from Microsoft’s Live servers to your application, which enables controlled access to their Live data (depending on their security settings). And if the user is already logged into Live ID before they get to your site, this token transfer is completely invisible.

What Live ID is not is a single place for users to log into, Passport-style. While you could use it for this purpose, your web application would then have no access to the extra user information stored on the Live ID site. For example, let’s assume the user has previously logged into site A via Live ID and has been asked for their address: later, this same user logs into site B, but if site B wants to know the address it will have to ask for it again, which I think makes for a frustrating experience. If you’ve gone to the bother of entering your full details on a site that had a Live ID login it’s infuriating to be asked for the same info again when logging in using your Live ID on another site. I can see that Microsoft is trying to build a secure mechanism for accessing Live services from other web applications, and as such it looks like a good enough way of doing things, but a second coming of HailStorm it ain’t.

Perhaps I was expecting too much from Mix:UK. I was surprised, to say the least, when only about 20% of the people attending put their hands up when asked who had any experience of developing in Ajax. Visual Studio 2008 will come with much greater support for Ajax, with 40 new tools, and Ajax 1 will be included in the .NET Framework 3.5 rather than being an add-in, so perhaps as development and debugging of Ajax applications becomes easier, more people will come onboard and start producing these killer applications that we’re all looking forward to. Unless, that is, Microsoft changes its mind all over again and starts bringing in even more cool new technologies that scare more developers away from learning about something that might become obsolete before its first service pack is released. I really hope not.

Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.

Todays Highlights
How to See Google Search History
how to download photos from google photos